New JSCEAL Infostealer Malware Targets Windows Systems to Steal Login Credentials

A sophisticated information-stealing tool known as JSCEAL has evolved significantly in recent months, deploying advanced anti-analysis techniques and hardened command-and-control infrastructure to target users of cryptocurrency applications on Windows systems. Security researchers from Cato CTRL discovered the enhanced malware variant during an active campaign that began in August 2025, marking a substantial shift in the […]

The post New JSCEAL Infostealer Malware Targets Windows Systems to Steal Login Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Research Findings on the Fate of Data Stolen in Phishing Attacks

New research from Kaspersky has mapped the complete lifecycle of data stolen during phishing attacks, revealing a sophisticated “shadow market conveyor belt” where victim information is instantly commoditized. The analysis traces the digital trail from the initial click on a fraudulent link to the eventual sale of credentials on dark web markets, highlighting how automated […]

Researchers Revive 2000s ‘Blinkenlights’ to Extract Smartwatch Firmware via Screen Pixels

Security researchers have successfully extracted firmware from a cheap JieLi-based smartwatch by reviving an obscure 2000s attack technique that transmits sensitive data through display pixels. The novel approach, which builds upon decades-old “blinkenlights” methodology, demonstrates a significant vulnerability in how budget smartwatch manufacturers handle memory access and screen rendering without proper validation checks. The research […]

New AiTM Attack Campaign Bypasses MFA to Target Microsoft 365 and Okta Users

Cybersecurity researchers at Datadog have uncovered a sophisticated adversary-in-the-middle phishing campaign targeting organizations that use Microsoft 365 and Okta for single sign-on authentication. The campaign leverages advanced techniques to hijack legitimate SSO authentication flows and bypass multi-factor authentication methods that lack phishing-resistant capabilities, posing a significant threat to enterprise security infrastructures. The attack addressed phishing […]

Ashen Lepus Hacker Group Targets Eastern Diplomatic Entities with AshTag Malware Attack

An advanced persistent threat (APT) group with ties to Hamas has intensified its espionage operations against government and diplomatic entities across the Middle East, deploying a sophisticated new malware suite dubbed AshTag. The threat actor, tracked as Ashen Lepus (also known as WIRTE), has demonstrated significant operational evolution while maintaining persistent activity throughout regional conflicts, including the Israel-Hamas […]

New DroidLock Malware Locks Android Devices and Demands Ransom Payment

The zLabs research team has identified a sophisticated new threat campaign targeting Spanish Android users through a malware strain called DroidLock. Unlike traditional ransomware that encrypts files, this Android-focused threat employs a more direct approach: locking devices with ransomware-style overlays and demanding payment while maintaining complete control over compromised handsets. DroidLock primarily spreads through phishing […]

New ClickFix Attacks Exploit Official ChatGPT Website to Deliver macOS Infostealer

Infostealers have become 2025’s fastest-growing cyberthreat, targeting all operating systems and regions with sophisticated social engineering tactics. In a new campaign discovered by Kaspersky experts, attackers are exploiting users’ interest in OpenAI’s Atlas browser by leveraging the official ChatGPT website itself as a hosting platform for malicious installation guides. The attack begins with paid search […]

Hackers Are Using Shared AI Chats to Steal Your Passwords and Crypto

A sophisticated malvertising campaign is exploiting ChatGPT and DeepSeek’s shared chat features to deliver credential-stealing malware to macOS users. Threat actors are purchasing sponsored Google search results and redirecting victims to legitimate-looking LLM-generated chat sessions that contain obfuscated malicious commands, effectively bypassing platform-level safety mechanisms. The attack begins when users search for common macOS troubleshooting […]

Charming Kitten Leak Reveals Key Operatives, Front Firms, and Massive Global Compromise

The latest materials from the Charming Kitten network access reveal three significant findings that expand our understanding of Iran’s APT35 cyber operations: complete salary records for operative teams, expanded surveillance platform capabilities, and a classified 2004 document connecting Iran’s obtained IAEA inspection materials to Department 40 assassination targeting. The leaked materials document unprecedented compensation data […]

ValleyRAT Malware Evades Windows 11 Security with Stealthy Driver Install

Check Point Research (CPR) has published a comprehensive analysis of ValleyRAT, a widely distributed backdoor also known as Winos/Winos4.0, revealing its sophisticated modular architecture and dangerous kernel-mode rootkit capabilities. The research demonstrates how the malware’s developers possess deep expertise in Windows internals and successfully bypass modern security protections on fully updated Windows 11 systems. The […]

New 01Flip Ransomware Targets Both Windows and Linux Systems

Security researchers at Palo Alto Networks Unit 42 have identified a newly emerging ransomware family, 01flip, that represents a significant shift in malware development tactics. Discovered in June 2025, this sophisticated threat is entirely written in Rust, a modern programming language that enables cross-platform compatibility, and currently targets a limited set of victims across the […]

Security Alert: 19 Fake PNG Extensions Found in VS Code Marketplace

ReversingLabs (RL) researchers have identified a sophisticated supply chain campaign involving 19 malicious Visual Studio Code (VS Code) extensions. The campaign, which has been active since February 2025 and was uncovered on December 2, 2025, leverages the trust inherent in the developer ecosystem by hiding malware within the dependency folders of otherwise functional extensions. The […]

Threat Actors Exploit ChatGPT and Grok Conversations to Deliver AMOS Stealer

The cybersecurity landscape has reached a troubling inflection point. On December 5, 2025, Huntress identified a sophisticated campaign deploying the Atomic macOS Stealer (AMOS) through a deceptively simple vector: AI conversations on OpenAI’s ChatGPT and xAI’s Grok platforms, surfaced via SEO manipulation to appear as trusted troubleshooting guides. What makes this campaign particularly dangerous is […]

AI-Powered Analysis Exposes Massive 5,000-Domain Chinese Malware Operation

DomainTools Investigations has released critical findings detailing the expansion of a massive malware-delivery network targeting Chinese-speaking users worldwide. The long-running cluster, active since June 2023, has swelled to approximately 5,000 domains, with researchers identifying over 1,900 new domains between May and November 2025 alone. This latest investigation also marks a significant milestone in defensive cybersecurity, […]

High-Risk Ivanti EPM Vulnerability Opens Door to Admin Session Hijacking

A critical stored cross-site scripting (XSS) vulnerability in Ivanti Endpoint Manager (EPM) enables unauthenticated attackers to hijack administrator sessions by injecting malicious JavaScript into the management dashboard. The vulnerability, identified as CVE-2025-10573 with a CVSS score of 9.6, affects all versions below EPM 2024 SU4 SR1 and poses an immediate threat to enterprise environments managing […]

Cybercriminals Use Fake Game Updates on Itch.io and Patreon to Push Lumma Stealer

The indie gaming community faces a new and sophisticated threat. Malicious actors are exploiting itch.io and Patreon to distribute the Lumma Stealer malware disguised as legitimate game updates, targeting unsuspecting gamers through a systematic spam campaign across the platform. Newly created itch.io accounts have been flooding comment sections of legitimate games with templated messages claiming […]

Microsoft Releases New Guidance to Combat the Shai-Hulud 2.0 Supply Chain Threat

Microsoft has published comprehensive guidance addressing the Shai-Hulud 2.0 supply chain attack, one of the most significant cloud-native ecosystem compromises observed in recent months. The campaign represents a sophisticated threat that exploits the trust inherent in modern software development workflows by targeting developer environments, CI/CD pipelines, and cloud-connected workloads to harvest sensitive credentials and configuration […]

FortiGuard Team Uncovers Stealth Forensic Data Within Windows Telemetry

During a recent incident response engagement, FortiGuard IR services responded to a sophisticated ransomware attack in which threat actors deployed advanced anti-forensic techniques to eliminate their digital footprint. The attackers deleted malware, cleared logs, and obfuscated tools to prevent analysis. However, FortiGuard researchers made a critical discovery: historical evidence of the deleted malware and attacker […]

PeerBlight Linux Malware Abuses React2Shell for Proxy Tunneling

Cybersecurity researchers have uncovered a sophisticated Linux malware campaign exploiting the critical React2Shell vulnerability (CVE-2025-55182) to deploy multiple post-exploitation payloads, including a newly identified backdoor dubbed “PeerBlight” that leverages the BitTorrent DHT network for resilient command-and-control communications. CVE-2025-55182, publicly disclosed on December 3, 2025, is a critical-severity unauthenticated remote code execution vulnerability affecting React Server Components […]

CISA and FBI Warn of Pro-Russia Hacktivist Attacks on Critical Infrastructure Worldwide

The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and international partners from the European Cybercrime Centre (EC3) have released a joint cybersecurity advisory detailing the escalating activities of pro-Russia hacktivist groups. This new advisory highlights a shift in tactics, with hacktivists targeting Operational Technology (OT) and Industrial […]
